CINIC described the second attack as the largest DDoS attack it has faced so far.

The Mysterious East

Just what happened in China is not quite clear.

"We have nothing official as far as our intelligence or validation of the attack," said David Fernandez, director of PLXsert, the security engineering and response team at Prolexic, a firm specializing in securing clients against DDoS attacks.

"There isn't a tremendous amount of detail available on this attack yet, probably because of the control that China has over their media," Alex Cox, a senior researcher at RSA FirstWatch, told TechNewsWorld. "We at FirstWatch are tracking it as part of our typical threat landscape overview."

The Mechanics of a DDoS Attack

DDoS attacks aim to make a machine or network resource unavailable to its users. Typical targets are sites or services hosted on high-profile Web servers, such as banks or credit card payment gateways, but government and corporate sites have become fair game of late.

DoS attacks are typically launched by saturating a server or computer with so many external communications requests that it is either dramatically slowed down, or cannot respond to legitimate traffic.

In DDoS attacks, several systems flood the bandwidth or resources of a target system.

Facts About DDoS Attacks

DDoS attacks are becoming larger and lasting longer, Prolexic has found. In Q1 2013, the average DDoS attack consumed a record bandwidth of more than 48 Gbps. This went up to more than 49 Gbps in Q2 -- a year-over-year increase of 925 percent.

Average packet-per-second volume in Q2 was 47.4 Mpps, 45 percent more than the 32.4 Mpps logged in Q1 and 1,655 percent more than in Q2 2012.

The number of DDoS attacks in Q2 2013 was 33 percent higher than in Q2 2012.

A Clear and Present Danger

Attacks on DNS infrastructure are typically high-bandwidth, launched either through botnets or other hacked infrastructure, Cox said. In some cases, attackers use amplification, multiplying traffic and directing it at a target, because DNS infrastructure is typically protected from run-of-the-mill attacks.
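In an amplification attack the queries reach a resolver with the target's address as their source, so in the resolver's own logs the target looks like a client that receives far more bytes than it sends. The following check for that pattern is an added example, not part of the original article; the log format, the thresholds and the function names are assumptions made for illustration, and the log lines are constructed.

```python
from collections import defaultdict

# Constructed sample resolver log: timestamp, client IP, query type, name,
# query size in bytes, response size in bytes (documentation address ranges).
SAMPLE_LOG = """\
1377400001 192.0.2.10 A www.example.com 33 49
1377400001 203.0.113.7 ANY example.org 29 3100
1377400002 203.0.113.7 ANY example.org 29 3100
1377400002 192.0.2.10 AAAA www.example.com 33 61
1377400003 203.0.113.7 ANY example.org 29 3100
1377400003 198.51.100.4 TXT example.net 29 900
1377400004 203.0.113.7 ANY example.org 29 3100
1377400004 192.0.2.10 MX example.com 29 120
"""

def parse_line(line):
    """Return (client, query_bytes, response_bytes) or None for malformed lines."""
    fields = line.split()
    if len(fields) != 6:
        return None
    try:
        return fields[1], int(fields[4]), int(fields[5])
    except ValueError:
        return None

def amplification_suspects(log_text, min_queries=3, min_ratio=10.0):
    """Map client IP -> response/query byte ratio for likely reflection traffic."""
    stats = defaultdict(lambda: [0, 0, 0])  # queries, bytes in, bytes out
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip lines that do not match the assumed format
        client, q_bytes, r_bytes = parsed
        entry = stats[client]
        entry[0] += 1
        entry[1] += q_bytes
        entry[2] += r_bytes
    suspects = {}
    for client, (count, q_total, r_total) in stats.items():
        if count < min_queries or q_total == 0:
            continue  # too little traffic to judge, or nothing to divide by
        ratio = r_total / q_total
        if ratio >= min_ratio:
            suspects[client] = round(ratio, 1)
    return suspects

if __name__ == "__main__":
    for client, ratio in amplification_suspects(SAMPLE_LOG).items():
        print(f"{client}: responses are {ratio}x the size of queries")
```

A resolver operator who sees an address flagged this way can rate-limit responses to it or restrict recursion to known clients, which stops the resolver from being used as an amplifier.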

Recently, large-scale DDoS attacks have been political or hacktivist-related, Cox commented. DDoS attacks are also used by cybercriminals as weapons against each other.

Governments and corporations are equally at risk of DDoS attacks.

"In some aspects, governments' IP is no more secure than that in the private sector," Prolexic's Fernandez said.

Arming Against Attacks

"You don't want a single point of failure in any institution," Fernandez said. Governments and enterprises "should have backup plans to defend against various types of attacks."

Enterprises and governments should ensure that applications are developed using a security-focused software development lifecycle, Cox suggested. This is especially important with critical applications or Internet-facing systems.

Organizations should have plans in place for DDoS mitigation, but "a high-bandwidth DDoS [that's] botnet-based can be very difficult to defend against," Cox continued. "Often victims have to weather the storm until the attack subsides."